cancel
Showing results for 
Search instead for 
Did you mean: 

Verify webhook in python

Hi all, 

I'm trying to verify the webhook when I receive the notification in a lambda function in python. This is currently how I'm doing it, but it doesn't match the X-ANET-SIGNATURE, wondering if anyone can help me out here. Thanks!

 

 

SIGNATURE_KEY= os.environ.get("key")

def lambda_handler(event, context):
    body = json.loads(event["body"])
    verify_webook(body, event["headers"]["X-ANET-Signature"])

def verify_webook(body, hmac_header, secret=SIGNATURE_KEY):
    body = json.dumps(body)
    digest = hmac.new(
    secret.encode("utf-8"), body.encode("utf-8"), hashlib.sha512
    ).hexdigest()
    return hmac_header == f"sha512={digest.upper()}"

 

Jmont261
Member
1 ACCEPTED SOLUTION

Accepted Solutions

This code actually works and I hope it's helpful for anyone using python and verifying the webhook notification since I didn't see any examples in the documentation. The issue was that in my env variable I accidentally had whitespace which was messing with it being encoded properly. So, if you're running into the same issue, make sure the signature key is correct and you're encoding the signature key and body from the webhook event properly.

View solution in original post

Jmont261
Member
1 REPLY 1

This code actually works and I hope it's helpful for anyone using python and verifying the webhook notification since I didn't see any examples in the documentation. The issue was that in my env variable I accidentally had whitespace which was messing with it being encoded properly. So, if you're running into the same issue, make sure the signature key is correct and you're encoding the signature key and body from the webhook event properly.

Jmont261
Member